I am a user on my local machine (clientuser1). I ssh into a AWS instance server (with ip: server-ip) as . I have the public key of clientuser1 uploaded in my permission settings.
I am able to
ssh <server-user1>#<server-ip>
I, then created a user on the instance, and tried ssh'ing into the instance:
ssh <server-user2>#<server-ip>
I got a response:
Permission denied (publickey).
I tried creating a public-private key pair on the on the server and sent the private key of
ssh -i <pvt key of server-user2> <server-user2>#<server-ip>
The answer that worked was
ssh-add <id_rsa>
This added the new key to ssh-agent.
For Googlers:
Other than the common permission-related causes, if the system disk is full, SSH server will also respond "permission denied".
Related
I accessed my cPanel server via SSH with help of username#host and password.
Generated SSH key (RSA) and added it to my GitLab account.
When I tried cloning it shows me an error, fatal: Could not read from remote repository
I think this is an error from the cPanel side but not able to resolve, help me out
From your CPanel server session, check if your generated key works with:
ssh -Tv git#gitlab.com
If you don't see a Welcome to GitLab, #username! at the end, that means the key is not properly registered.
I tried:
$ ssh root#157.245.238.190
and I receive:
Warning: Permanently added '157.245.238.190' (ECDSA) to the list of known hosts.
Permission denied (publickey).
Why does the connection fails, even though I have added the server fingerprint to the known_hosts file?
While known_hosts might be correctly updated, you sill have to register (add) your public key to ~root/.ssh/authorized_keys on the server side.
If not added, an SSH connection would fail with Permission denied (public key)
Also check how the sshd_config is configured on your droplet.
Note that the recommended SSH session is using a user, not root.
I am given with id_rsa.pub from client. And I was told to connect to it. I tried adding the key with ssh-copy-id user#ec2-remoteserver.com
But it gave the error. Permission denied (publickey).
Then I thought of trying to connect with
ssh -i /c/Users/kdash/Desktop/id_rsa.pub user#ec2-instance.com
It now says the error
Load key "/c/Users/kdash/Desktop/id_rsa.pub": invalid format
Can anyone please help me understand how shall I add the given .pub key file and access to the remote server.
Earlier I had connected to servers with .pem files as such:
ssh -i /c/Users/kdash/Desktop/server.pem user#ec2-instance.com
I am not clear how .pub file can be used.
Client should provide you the private key to connect to server.
I am sure client must have added the public key in their ~/.ssh/authorized_keys
Once client provide you the private-key file, then you can connect as
ssh -i <private-key> user#ec2-instance.com
See example here, remote machine is adding public key in ~/.ssh/authorized_keys and then user can connect to it using private key.
So I guess, you need private key file to connect to remote ssh server.
Remote machine should never add private key in ~/.ssh/authorized_keys.
So, I just do trial GCloud service, and try connect via ssh. At the first time I forget my username of my Mac, so I did it wrong by doing this:
doe-MacBook-Pro:Documents does$ ssh -i ~/.ssh/google_compute_engine xxxx#111.111.111.111
Warning: Identity file /Users/does/.ssh/google_compute_engine not accessible: No such file or directory.
The authenticity of host '111.111.111.111 (111.111.111.111)' can't be established.
ECDSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '111.111.111.111' (ECDSA) to the list of known hosts.
Permission denied (publickey).
then I know my username, I tried:
doe-MacBook-Pro:Documents does$ ssh -i ~/.ssh/google_compute_engine does#111.111.111.111
Warning: Identity file /Users/does/.ssh/google_compute_engine not accessible: No such file or directory.
Permission denied (publickey).
and it gives me error. Can you tell me how can I solve this issue?
This has nothing to do with the ssh username.
Check two things first and we can go from there:
Permission: should be readable by you, i.e., at least 0400.
File: does it exist at all?
Problem SOLVED!
I forget didn't completed my gcloud compute ssh project-name command.
After I finished with the command, it creates file google_compute_engine.
Now I finally can connect to my Google Cloud via SSH.
this is probably a simple stupidly question :)
I've created a new windows instance on Amazon EC2, and also downloaded the .pem file to SSH.
with cygwin
$ ssh -i mykey.pem Administrator#ec2-xx-xx-xx-xxx.us-west-2.compute.amazonaws.com
Administrator#ec2-xx-xx-xx-xxx.us-west-2.compute.amazonaws.com's password:
Permission denied, please try again.
permission set to 400 for mykey.pem file.
$ chmod 400 mykey.pem
I also tired with the putty by creating mykey.ppk file form mykey.pem with puttygen but getting access denied error :(
Using username "Administrator".
Authenticating with public key "imported-openssh-key"
Server refused public-key signature despite accepting key!
Administrator#ec2-xx-xx-xx-xxx.us-west-2.compute.amazonaws.com's password:
Access denied
dont know what kind of silly mistake im making here!
Please guys do u have any suggestion here?
Following are the most possible reasons-
Port 22 is not open while creating EC2 instance
Firewall configuration on your local machine(just try disconnecting VPN)
AWS account is suspended due to pending bill payment
SSH port on EC2 server were not open to incoming traffic.